Globalization has opened more business opportunities around the world, but the pace and rigor of regulatory oversight and enforcement are rising as well, and regulators are cooperating more across international lines. For a company that operates in more than one jurisdiction, the risk of unintentional and even irreconcilable conflict is a natural consequence, and the resulting environment can affect the way people go about their business. To cope, companies should find ways to adapt global goals to local specifics.

That was a key takeaway from a great exchange of views I was privileged to moderate at the recent Cross-Industry Compliance Leadership Summit at Deloitte University. Compliance chiefs from financial services, life sciences, health care, consumer products, entertainment, communication, natural resource extraction, retail, and other industries gathered to compare their experiences and insights. In our own spheres, global regulation is a topic we address every day. But sharing views among different industries was a refreshing opportunity.

“The oceans and the distance don’t really matter anymore,” one executive said. “Regulators expect global companies to have a global view, even in the far-flung regions in which we all operate. But if you operate in a number of different countries around the world, having a globally consistent policy is just scratching the surface. You need to see the local variations behind the policies.”

My Deloitte colleague and co-moderator, Martin Biegelman, shared his own experience as a former government investigator to illustrate the change from a different perspective. Martin noted that, in the past, enforcement of the Foreign Corrupt Practices Act (FCPA) was an unpopular assignment for federal agents and prosecutors–there was no travel budget and no cooperation from counterparts overseas. Now, the FBI, DOJ and SEC have large staffs dedicated to FCPA cases and assistance from enforcement officials in other countries. One of our summit attendees said that with more resources comes more activism: “Regulatory expectations and sensitivities have been set so high. All you need is to have a lack of policies and procedures and you can be charged with a violation.”

When you add the international component, applying US-based assumptions to compliance outside the United States can be difficult. “You can get into analysis paralysis after a while because there are so many regulations,” one participant said. Others shared examples:

In Germany, you aren’t allowed to ask people what their citizenship is, but you’re also not allowed to hire people from certain countries. “A tap dance is all you’re able to do at this point, and I’m not a very good tap dancer,” one compliance chief said. “It’s the conflict that concerns me the most.”

Another company’s local compliance officer in Korea was sanctioned for providing customer data to the company’s own internal audit department. “He was just trying to react to our internal audit organization, and he violated the privacy laws.”

With stories like those in circulation, one compliance executive said, “The fear of doing something wrong may have a tendency to force senior management to do nothing. And that hurts the business. If I want to lock the door, I’ll be perfectly safe; but that’s not going to give the shareholders the return they deserve.”

What can global organizations do to avoid these conflicts? The answer appears to lie in a thoughtful blend of global goals and local knowledge. “What that has meant for us is building out the talent base globally,” a participant said. “You need to think about the type of people that you’re hiring so they can be effective in that local environment.”

“Education and awareness at the executive level is something that has to be done on a regular basis, because they’re not thinking about compliance all of the time,” a Summit attendee said. “They need to think about what their messages mean, and how they’re interpreted on the other side of the world. It’s very eye-opening to have the head of a division say, ‘I never meant it that way,’ and to have the head in another country say, ‘But that’s how we interpreted it.’”

One common theme that emanated from the discussion was the critical need to have an effective and robust regulatory relations program in place across a global franchise. Some of the key elements of a regulatory relations program emphasized by the participants included:

Defined roles and responsibilities of regulatory liaison officers in the home country as well as in each international location

Identification of key regulators at the local and national levels within each country

Regularly scheduled meetings (“in good times and bad times”) with key regulators

The need to track and fully respond to commitments made to regulators

“Knowing that the regulators are coordinating among themselves, there’s a tremendous benefit in trying to figure out how to have different conversations,” a compliance executive said. “We are after generally the same thing. We’re trying to do it in the right way. Creating space to have that dialogue is what’s ultimately going to protect the people we’re trying to serve. We’re all trying to foster this environment of a more compliant and ethical world.”

Stay Connected

Follow us for real time blog updates.

This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this publication.

About Deloitte

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.